Fallos del tipo CWE-287
1838 resultadosCVE-2023-5830HIGHColumbiaSoft Document Locator WebTools login improper authenticationEPSS 61.0%CVE-2026-20127CRITICALCisco Catalyst SD-WAN Controller Authentication Bypass VulnerabilityEPSS 57.8%KEVCVE-2023-4415HIGHRuijie RG-EW1200G login improper authenticationEPSS 56.1%CVE-2023-42442HIGHJumpServer session replays download without authenticationEPSS 55.9%CVE-2021-27651CRITICALIn versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to bypass local authenticaEPSS 53.8%CVE-2022-24422CRITICALDell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerability. A remote unauthenticateEPSS 53.8%CVE-2024-2862CRITICALPassword reset vulnerability without authorization on LG LED AssistantEPSS 51.3%CVE-2020-12812CRITICALAn improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to logEPSS 49.3%KEVCVE-2024-26331HIGHReCrystallize Server 5.10.0.0 uses a authorization mechanism that relies on the value of a cookie, but it does not bind the cookie value to EPSS 49.3%CVE-2023-50919CRITICALAn issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. ThEPSS 47.8%CVE-2021-22893CRITICALPulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share BrowseEPSS 47.2%KEVCVE-2024-8181CRITICALFlowise Authentication BypassEPSS 46.1%CVE-2022-42233CRITICALTenda 11N with firmware version V5.07.33_cn suffers from an Authentication Bypass vulnerability.EPSS 42.7%CVE-2024-3080CRITICALASUS Router - Improper AuthenticationEPSS 41.6%CVE-2022-25369CRITICALAn issue was discovered in Dynamicweb before 9.12.8. An attacker can add a new administrator user without authentication. This flaw exists dEPSS 40.7%CVE-2021-37580—Apache ShenYu Admin bypass JWT authenticationEPSS 40.1%CVE-2019-6814—A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impaEPSS 36.6%CVE-2019-19006CRITICALSangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control.EPSS 36.6%KEVCVE-2025-53778HIGHWindows NTLM Elevation of Privilege VulnerabilityEPSS 36.1%CVE-2025-32815MEDIUMAn issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur.EPSS 32.8%